Google’s Android Update — Passwords Automatically Become Passkeys
New Android update will automatically convert passwords to passkeys
The problem with passwords, besides them being the weak link in so many security scenarios, is that they just won’t die. Google, it appears, is about to give them a helping hand in this regard by introducing a feature for Android users that will see them automatically converted to much more secure passkeys instead. It’s been a great few days for Google when it comes to helping improve the security posture of its users, what with the announcement of new AI-powered malicious Android notification warnings and updates to Chrome to patch a critical vulnerability. The trouble is, the attackers just keep attacking, as news of no-interaction Android hack attacks confirms. With 19 billion compromised passwords already published to criminal forums online, the time to act is now. Here’s what Google is doing to help make your credential usage more secure and better defend against Android attackers.
Android To Automatically Change Passwords To Passkeys
The argument for using passkeys instead of passwords is a highly convincing one. Not only are they inherently more secure, but they are also easier to use. It really is a win-win security situation. When even the leading password manager vendors are urging you to replace your passwords, you know it’s the clever move to make. Google knows this as much as anyone, and was one of the original technology giants behind the creation of the passkey standard. Now it is giving Android users a helping hand to make that switch not only easier but fully automatic.
As spotted during an Android Authority code teardown, Google’s password manager for Android is getting an automatic passkey update feature. Although such teardowns tend to reveal features that may or may not appear in functioning applications, the Google Play Services app version 25.19.31 beta code seems to have already gone live for a number of users. I have reached out to Google for a statement, but in the meantime, here’s what we know.
Android Authority enabled the feature that it had found, and discovered it would enable your phone’s existing website and app credentials to “be converted to passkeys without your explicit permission.” The idea being that the Google password manager for Android would upgrade any passwords for sites and services where passkeys are available, and do so in a seamless fashion. “This feature can be disabled if you still prefer passwords or want more control over passkey generation,” the report confirmed.